Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-33898

[RFE] [RHEL9] Backport --disable-polkit option from 2.0.2 upstream version

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Duplicate
    • Icon: Blocker Blocker
    • None
    • rhel-9.5
    • pcsc-lite
    • None
    • [RFE] [RHEL9]: Backport --disable-polkit option
    • Hide

      The following needs to be verified in order for this epic to be considered complete:

      • Execute pcscd with --disable-polkit option
      • pcscd does not dump any error when using --disable-polkit option
      • Verify pcscd is indeed not using the Policy Kit when using --disable-polkit, and PKCS#11 device can be accessed correctly even though Policy Kit is not available.
      Show
      The following needs to be verified in order for this epic to be considered complete: Execute pcscd with --disable-polkit option pcscd does not dump any error when using --disable-polkit option Verify pcscd is indeed not using the Policy Kit when using --disable-polkit, and PKCS#11 device can be accessed correctly even though Policy Kit is not available.
    • Red Hat Enterprise Linux
    • sst_security_crypto
    • ssg_security
    • False
    • Hide

      None

      Show
      None

      Description

      In order to provide a new feature for PKCS#11 unlocking in Clevis, we need to start pcscd without policy-kit at boot time. At this moment, RHEL9 version of pcsc-lite does not include this option.
      We need `--disable-polkit` option to have access to PKCS#11 device at boot time

      What SSTs and Layered Product teams should review this?

      pcsc-lite component maintainer

            jjelen@redhat.com Jakub Jelen
            sarroutb@redhat.com Sergio Arroutbi
            Jakub Jelen Jakub Jelen
            SSG Security QE SSG Security QE
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: